exports.__esModule = true;

var _jsonwebtoken = require('jsonwebtoken');

var _jsonwebtoken2 = _interopRequireDefault(_jsonwebtoken);

function _interopRequireDefault(obj) { return obj && obj.__esModule ? obj : { default: obj }; }

/**
 * token验证
 * @param options
 * @param app
 * @returns {function(*, *)}
 */
exports.default = (options, app) => {
  return (ctx, next) => {
    const excludeRouter = options.excludeRouter;
    if (excludeRouter.includes(ctx.path)) {
      return next();
    }
    if (ctx.method === 'WEBSOCKET') {
      return next();
    }
    if (options.passthrough) {
      return next();
    }
    const tokenKey = options.tokenKey;
    const token = ctx.cookie(tokenKey) || ctx.header[tokenKey] || ctx.post(tokenKey) || ctx.get(tokenKey) || ctx.query[tokenKey];
    if (!token) {
      return ctx.throw('未得到授权,请登录', 403);
    }
    const privateKey = think.config('token').privateKey;
    try {
      // 鉴权认证
      const userInfo = _jsonwebtoken2.default.verify(token, privateKey);
      const { userId, orgId, roleList } = userInfo;

      // 从token解析用户信息到ctx对象,透传至后续controller
      ctx.state.userInfo = { userId, orgId, roleList };
      return next();
    } catch (e) {
      return ctx.throw('认证失败,token过期或无效', 401);
    }
  };
};